﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using System.Configuration;

public partial class login : System.Web.UI.Page
{
    SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["conn"].ConnectionString.ToString());
    Random random = new Random();
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            Label1.Text = random.Next(1000, 10000).ToString();
        }
    }
    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {

        if (System.Data.ConnectionState.Closed == conn.State)
        {
            conn.Open();
        }
        if(DropDownList1.Text=="管理员"){
            if(Label1.Text.Trim()==yzm.Text.Trim())
            {
                
                string str = "select * from admin where name='"+ name.Text.Trim()+"' and password='"+password.Text.Trim()+"'";
                SqlCommand comm = new SqlCommand(str, conn);
                SqlDataReader dr = comm.ExecuteReader();
                if (dr.HasRows)
                {
                    Session["name"] = name.Text.Trim();
                    Response.Write("<script>alert('欢迎"+name.Text.ToString()+"登录！')</script>");
                    
                    //string dl = "insert into from logindate (name) values ('" + name.Text.Trim() + "')";
                    //SqlCommand comm1 = new SqlCommand(dl, conn);
                    //comm1.ExecuteNonQuery();

                    Response.Redirect("backstage.aspx");
                }
                else
                {
                    Response.Write("<script>alert('用户名或者密码错误！')</script>");
                }
            }
            else
            {
                Response.Write("<script>alert('请输入正确验证码！')</script>");
            }                     
        }
        else{
            if(Label1.Text.Trim()==yzm.Text.Trim())
            {
                string str = "select * from userinfo where name='"+name.Text.Trim()+"' and password='"+password.Text.Trim()+"'";
                SqlCommand comm = new SqlCommand(str, conn);
                SqlDataReader dr = comm.ExecuteReader();
                if (dr.HasRows)
                {
                    Session["name"] = name.Text.Trim();
                    Response.Write("<script>alert('欢迎"+name.Text.ToString()+"登录！')</script>");
                    Response.Redirect("userbackstage.aspx");
                }
                else
                {
                    Response.Write("<script>alert('用户名或者密码错误！')</script>");
                }
            }
            else
            {
                Response.Write("<script>alert('请输入正确验证码！')</script>");
            }     
        }       
    }

     //dr.Close();
     //       if(System.Data.ConnectionState.Open==conn.State)
     //       {
     //           conn.Close();
    //        }

    protected void ImageButton2_Click(object sender, ImageClickEventArgs e)
    {
        name.Text = "";
        password.Text = "";
        yzm.Text = "";
    }
}